Tuesday, August 26, 2014

Apple products are known for not just their simple yet awe inspiring designs but also the hardware mechanism that makes them such useful devices. The Apple product owners have from little to no reasons to complain and have been fully satisfied as far as the product performance is concerned. However, with the number of users increasing exponentially, it is only a matter of time when someone will be able to hack into the Fort Knox of devices. This is the reason why you as an end user should pay greater attention to the security of your iPhone, iPad and Mac.

Even though Apple makes its products more and more convenient with each upgrade, it is the responsibility of the end user to ensure its complete safety and maintain its privacy. Depending upon the sensitivity of the data on your device, you can toggle the settings on your phone and monitor the security arrangements. The idea is not make the phone so impenetrable that even the user gets nightmares while trying to get inside their device. However, the security and privacy tips will only make sure that breaking into your phone or device is extremely unattractive to the thieves or pranksters who can be dissuaded from their antics by just looking at the layered security.

Use a reasonably strong Pass Code

The latest iPhone 5S has a biometric system which is unbeatable when it comes to identifying its true owner. However, for any other devices, the owners can use reasonably tough pass codes to unlock their phones. They should be hard to guess but not something you can’t easily memorize. iPhone 5S users can also use stronger pass codes rather than using the biometric unlocking system for added security.

Turn off Personal Notifications on the locked screen

While it is very simple to quickly gaze at notifications on the home screen, it can also be very unsafe if your phone is in the hands of anyone other than you. Your pass code lock will defeat the whole purpose if people can read your personal notifications even when the phone or the device is locked. It is better to turn off the notifications on your home screen when the screen is locked so that no one but you can read your private messages.

Go for 2-tiered security layer

This might seem a little over the top to add to layers of security on your Apple device. However, considering the sensitivity of the data we have on our phones these days, it seems like a very small level of security. All it takes is add another layer of password on the apps to get the added security. You can make your device twice as strong by just introducing another level of pass code.

Keep your web browsing private

If you do not wish your web browsing history to be tracked or recorded, you can use the private browsing feature of safari. You can also enable the private browsing from the bookmarks, tabs etc which makes it easier and more convenient. Also, if you are on the network that you do not trust and are using the browsing for personal and sensitive information then you can also gain access to the VPN service that will keep your data private. Needless to mention that with all the browsing that happens on internet enabled devices, you must also secure your devices with a reliable piece of antivirus software like Bitdefender Antivirus for Mac that will deter any hacker from trying to hack into your device.

Delete the Web History Data

If you have not used private browsing by Safari and now want to remove the data from your device, you also have the option of wiping your device clean and start afresh.

Monday, November 29, 2010

Overall, the whole approach of the Apple security that Charlie Miller and castigated early March, although he conceded being "somewhat responsive to bugs that has been providing it with:" Apple does not pay security researchers. Apple assumes that it has no security problem and did not need to work with researchers. "Worse, he said," Apple is certainly capable of producing a safe product, but do just not yet made the effort. "And, in fact, Apple may have changed his tune: he moreover subject - among others - pre-release version of Mac OS X Leo.

In addition, Apple has recently recruited several experts in computer security: David Rice, a former NSA, Ivan Krstic, former director of the OLPC, or Windows Snyder, who has contributed to strengthening the security of Firefox.

And he has this apparent convergence between Mac OS X iOS. Apple uses sandboxing widely within IOS, but not in Mac OS X, maybe it will evolve. ALSR arrived in IOS with version 4.3, its use may be extended with Leo. Code signing is also utilized to secure iOS. With the Mac App Store, it used to protect applications distributed through this, against piracy. But perhaps Apple plans to go further ...

Wednesday, November 10, 2010

The reputation is not everything. And, as usual, Mac OS X did not fail to fail at the last edition of Pwn2Own at CanSecWest. This time, it is the French Security VuPen who managed to find and exploit a flaw in WebKit HTML rendering engine of Safari - in particular.

It must be said that VuPen has made a specialty of so-called "intrusion friendly" or, in other words, the penetration test. Among the clients VuPen Security include including Microsoft, Shell, Sagem or IGN. Their job is the testing of security policies applied to information systems. Teams efficient enough that during the 2009 conference on Security Workshop VuPen has sold out and has attracted the interest of representatives from the retail, telecommunications, or the Army.

For IOS, it's even Safari which served as a gateway. And it's a regular who has taken on the task: Charlie Miller. Security analyst at Independent Security Evaluators, Charlie Miller has been awarded four times during Pwn2Own. Twitter, he describes himself as "Mr. Apple 0-day", ie one that runs from previously unknown flaws in the software firm at the apple. A specialty of Miller, the Fuzzing. An approach to vulnerability research developed mainly by Ari Takanen, CTO of Codenomicon Finnish. Jared DeMott, Charlie Miller, he co-authored a book dedicated to the subject, "Fuzzing, for software security testing and quality assurance", published in 2008 by Artech House. At the end of the book, a case study is also devoted to the search for vulnerabilities in QuickTime Player.

The basic concept of Fuzzing is relatively simple: it is looking application interfaces accessible from the outside and saturate the corrupted data - in the sense that they are not consistent with what the application is supposed to address - and then see what happens ... In a way, we can see a parallel here with the compromise of websites SQL injection: in both cases, the software is not adequately protected against attempts injection data does not correspond to that it must wait for a legitimate user ...

Last year, Charlie Miller stressed in particular that OS X "has a broad surface attack involving open source components, third party components closed [with Flash], and Apple closed components [Preview, etc.].." Each of these software elements can be an attack vector. Recently, as part of an interview with German magazine Heise, he explains his stubbornness to attack Apple's software: "I use various Apple products and it is in my interest that they are as safe as possible [. ..] If you listen that Apple (or Mac fan boys) you believe that Macs are impossible to hack, which is not the case. "

Especially for him, it is important to know the faults to measure the level of software security, it does not boil down to this: "you must take into account those who threaten you, the resources available to them. "So, for him too, right now," a Mac with Snow Leopard is the safest choice [to surf the Internet] mainly because of its market share. "But the Mac's OS is it more secure? No, he answers without reservation: "In my experience, it was easier to find and exploit vulnerabilities in Mac OS X systems in modern Windows (Vista and 7)." Indeed for him, Web browser is the safest Chrome, Google. And recommend the passage of any extension disable unnecessary.